Heathen IoT of Things Penetration Testing Framework developed as a research project, which automatically help developers and manufacturers build more secure products in the Internet of Things space based on the Open Web Application Security Project (OWASP) by providing a set of features in every fundamantal era.

HEATHEN – Internet Of Things Pentesting Framework.

Main Menu:* Insecure Web Interface* Insufficient Authentication/Authorization
[-] Ensure that any access requiring authentication requires strong passwords
[-] Ensure that user roles can be properly segregated in multi-user environments
[-] Implement two-factor authentication where possible
[-] Ensure password recovery mechanisms are secure
[-] Ensure that users have the option to require strong passwords
[-] Ensure that users have the option to force password expiration after a specific period
[-] Ensure that users have the option to change the default username and password* Insecure Network Services* Lack of Transport Encryption* Privacy Concerns* Insecure Cloud Interface* Insecure Mobile Interface* Insufficient Security Configurability* Insecure Software/Firmware* Poor Physical Security
[-] Ensure the device is produced with a minimal number of physical external ports (e.g. USB ports)
[-] Ensure the firmware of Operating System can not be accessed via unintended methods such as through an unnecessary USB port
[-] Ensure the product is tamper resistant
[-] Ensure the product has the ability to limit administrative capabilities in some fashion, possibly by only connecting locally for admin functions
[-] Ensure the product has the ability to disable external ports such as USB